﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace IntraVision.Web.Security
{
    [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class)]
    public class AllowedRoleAttribute : SecurityAttribute
    {
        public string[] Roles;

        public AllowedRoleAttribute(params string[] roles)
        {
            Roles = new string[roles.Length];
            roles.CopyTo(Roles, 0);
        }

        public override bool IsOK(IUser user)
        {
            if (user == null) return false;
            foreach (string role in Roles)
                if (user.HasPermission(role)) return true;
            return false;
        }
    }
}
